Questions tagged [buffer-overflow]

Usually occurs when you attempt to copy data into a buffer without checking for sufficient space, causing data to be overwritten in neighboring cells.

RAM is divided into memory cells, each capable of storing a single byte on its own. Applications use different sizes of the same data type to fulfill their computational needs: a single value, multiple values (arrays), or dynamically allocated memory (pointers). Problems usually arise when software developers use arrays or pointers without verifying that the destination buffer has sufficient space.

char Target[10];
char Input[20];
strcpy(Target, Input); // 1st parameter: destination, 2nd parameter: source data; strcpy performs no bounds check

The code listed above can exhibit buffer-overflow corruption under certain conditions. If the coder doesn't take the necessary precautions to validate the target and input, data is written into adjacent memory cells, corrupting whatever contents are stored in them.

Such results can be devastating as they affect overall system integrity.

1483 questions
-4
votes
1 answer

Segmentation faults in stack-based buffer overflow

I was doing the SEED lab on buffer overflows which has the following vulnerable code: /* stack.c */ /* This program has a buffer overflow vulnerability. */ /* Our task is to exploit this vulnerability */ #include #include…
nanoman
-4
votes
3 answers

C: IF statement not firing when expected

I have the following function. The executable runs fine. At the prompt, after the program is run, I enter \x0037337331, the value of B is set as B: 0x31333337 Any advice on how I'd trigger to open log.txt int play() { int a; int b; char…
pee2pee
-4
votes
1 answer

Buffer Overflow

I am trying to create a buffer overflow. There are three variables in a function -- an int, and two arrays. The two arrays are both a length of 14 chars. The int is initialized to 0 in the function, but I am trying to change it to 1. I run the…
winsticknova
-4
votes
2 answers

Undefined computer behavior after running a C program

I am getting right to the point because I cannot explain the situation that I am going to describe. I need your attention please! Yesterday I wrote a program in C. The program takes as input a string and if that string is in this form…
Mr T
-4
votes
2 answers

Buffer overflow did not happen

I tried this sample C code: int main() { int array[5]; int i; for (i = 0; i <= 255; i++) { array[i] = 10; } } and compiled it using: gcc -m32 -o a.out buffer2.c My question is: why is there no segmentation fault? I use…
-4
votes
1 answer

Trying to learn exploitation with C on Ubuntu

I'm trying to learn exploitation. I started with buffer overflow; this is my code: #include #include int main (int argc,char *argv[]) { int value=5; char buffer_one[8],buffer_two[8]; strcpy(buffer_one,"one"); …
sdfg asdfsf
-4
votes
1 answer

Creating a txt file to call f2() without modifying the code

Creating a txt file to call f2() without modifying the code. How to input the file and not modify this code? The file will have the address of f2(), then the program will print "hello World". Note: my f2() address is 00 40 10 14 and in reverse for the…
-6
votes
1 answer

How to find the address of a function in a C++ program

I need to find the address of func in the stack so that if I provided a 32 long "A" string and then the function address in the stack I would get the Access granted. I remember I did it using objdump but I can't seem to figure it out #include…
-6
votes
2 answers

Buffer overflow when running optimized code

I have a large C program that compresses a file using Huffman encoding. It is compiled with gcc, when I run it with optimizations (-O2 or -O1), and the file I'm compressing is large (16MB doesn't cause a problem, 66MB does), after a few seconds I…
shoham
-7
votes
2 answers

Values of array get changed automatically after taking string input

#include #include using namespace std; int main() { long int m,i; cin>>m; float first=0,second=0,disp=0; int arr[m]; char ch[m]; for(i=0;i>arr[i]; } cout<<"…
Nishant sharma
-7
votes
1 answer

Hacking: how to perform buffer overflow attack?

I am stuck on a hacking exercise. The program shows this when executed: Build your own string! Usage: ./4 length command... Each command consist of a single character followed by its index. Example: ./4 11 h0 e1 l2 l3 o4 w6 o7 r8 l9 d10 How…
CarolineRudolph
-9
votes
3 answers

segmentation fault, Crashing the program after executing all lines of code

In this program here: #include int main(void) { char ch = 'A'; char* ptr = &ch; ptr[8] = 'B'; printf("ptr[8] = %c\n", ptr[8]); *ptr = 'C'; printf("*ptr = %c\n", *ptr); } The output: ptr[8] = B *ptr =…
Farouk Sabry